Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								188ea98441 
								
							 
						 
						
							
							
								
								Add new decorator to prevent reflected text attacks  
							
							... 
							
							
							
							Instead of disabling repo names with periods in them, we simply disallow calls to the API when they are GET requests, whose path ends in a dot, and that do not have a referrer from the frontend. 
							
						 
						
							2018-02-20 11:33:45 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								ac328da383 
								
							 
						 
						
							
							
								
								Merge pull request  #3006  from coreos-inc/joseph.schorr/QUAY-827/noop-team-name  
							
							... 
							
							
							
							Add messaging when trying to create a team that already exists 
							
						 
						
							2018-02-15 16:41:51 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								72ca758c88 
								
							 
						 
						
							
							
								
								Add messaging when trying to create a team that already exists  
							
							... 
							
							
							
							Fixes https://jira.coreos.com/browse/QUAY-827  
							
						 
						
							2018-02-15 16:03:09 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								e220b50543 
								
							 
						 
						
							
							
								
								Refactor auth code to be cleaner and more extensible  
							
							... 
							
							
							
							We move all the auth handling, serialization and deserialization into a new AuthContext interface, and then standardize a registration model for handling of specific auth context types (user, robot, token, etc). 
							
						 
						
							2018-02-14 15:35:27 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Brad Ison 
								
							 
						 
						
							
							
							
							
								
							
							
								5965929187 
								
							 
						 
						
							
							
								
								Include location in user analytics  
							
							
							
						 
						
							2018-02-06 16:06:17 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Brad Ison 
								
							 
						 
						
							
							
							
							
								
							
							
								3de6b4a646 
								
							 
						 
						
							
							
								
								Add location metadata field for users  
							
							
							
						 
						
							2018-02-06 16:06:17 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								6514bf229f 
								
							 
						 
						
							
							
								
								Merge pull request  #2973  from coreos-inc/joseph.schorr/QS-116/cloudfront-storage  
							
							... 
							
							
							
							Add support for configuring cloudfront storage 
							
						 
						
							2018-02-02 10:14:28 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								b0f656731c 
								
							 
						 
						
							
							
								
								Add support for configuring CloudFront storage engine  
							
							... 
							
							
							
							Fixes https://jira.coreos.com/browse/QS-116  
							
						 
						
							2018-01-31 11:22:14 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								208dc38d25 
								
							 
						 
						
							
							
								
								Allow expired app specific tokens to be deleted  
							
							
							
						 
						
							2018-01-23 11:40:51 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								c887aa543b 
								
							 
						 
						
							
							
								
								Change superuser API errors to be more descriptive  
							
							... 
							
							
							
							Fixes https://jira.coreos.com/browse/QS-103  
							
						 
						
							2018-01-05 17:09:26 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								13b738c43c 
								
							 
						 
						
							
							
								
								Merge pull request  #2954  from coreos-inc/joseph.schorr/QS-102/user-api-filter  
							
							... 
							
							
							
							Add ability to filter users list to enabled users 
							
						 
						
							2018-01-05 15:40:50 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								5286fd63b0 
								
							 
						 
						
							
							
								
								Merge pull request  #2953  from coreos-inc/joseph.schorr/QS-101/discovery-anon  
							
							... 
							
							
							
							Allow anonymous access to the discovery endpoint 
							
						 
						
							2018-01-05 15:40:39 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								d8fde005d8 
								
							 
						 
						
							
							
								
								Merge pull request  #2961  from coreos-inc/joseph.schorr/QS-107/create-repo-opt  
							
							... 
							
							
							
							Small optimizations around create repository code 
							
						 
						
							2018-01-05 15:40:30 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								888b564a9b 
								
							 
						 
						
							
							
								
								Add a banner to the Quay UI when an app specific token is about to expire  
							
							
							
						 
						
							2018-01-04 15:27:42 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								2214a2c7ad 
								
							 
						 
						
							
							
								
								Disable fresh login check in auth engines that won't support it  
							
							
							
						 
						
							2018-01-04 15:27:41 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								524d77f527 
								
							 
						 
						
							
							
								
								Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password  
							
							
							
						 
						
							2018-01-04 15:27:41 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								1e1bec0afe 
								
							 
						 
						
							
							
								
								Remove extra update call on create repo  
							
							
							
						 
						
							2018-01-04 13:42:05 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								8e473b9779 
								
							 
						 
						
							
							
								
								Add filter for disabled users to superuser user list API  
							
							... 
							
							
							
							Fixes https://jira.coreos.com/browse/QS-102  
							
						 
						
							2017-12-22 16:45:49 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								1d3a93efcb 
								
							 
						 
						
							
							
								
								Linter fixes for superuser API file  
							
							
							
						 
						
							2017-12-22 16:18:58 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								6b42e3e4ca 
								
							 
						 
						
							
							
								
								Allow anonymous access to the discovery endpoint  
							
							... 
							
							
							
							Fixes https://jira.coreos.com/browse/QS-101  
							
						 
						
							2017-12-22 16:13:23 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								6db2ecc19f 
								
							 
						 
						
							
							
								
								Merge pull request  #2928  from coreos-inc/joseph.schorr/QS-74/fix-restart  
							
							... 
							
							
							
							Have Quay lookup the sbin/my_init PID to kill 
							
						 
						
							2017-12-07 13:25:16 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								1d1c6f0606 
								
							 
						 
						
							
							
								
								Invalidate all session tokens when a user signs out  
							
							... 
							
							
							
							Fixes https://jira.coreos.com/browse/QS-85  
							
						 
						
							2017-12-07 13:03:11 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								a204dc20fb 
								
							 
						 
						
							
							
								
								Require CAPTCHA for password recovery  
							
							... 
							
							
							
							https://jira.coreos.com/browse/QS-79  
						
							2017-12-06 14:25:34 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								927d469db0 
								
							 
						 
						
							
							
								
								In password recovery, don't reveal whether an e-mail address is valid (unless it is an org's e-mail address)  
							
							
							
						 
						
							2017-12-06 14:07:38 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								4db1615d94 
								
							 
						 
						
							
							
								
								Fix bugs in updateuser  
							
							... 
							
							
							
							1) Also check for matching organization names
2) Ensure that errors don't leave the throbber 
							
						 
						
							2017-12-01 14:58:29 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								874a7b0c41 
								
							 
						 
						
							
							
								
								Have Quay lookup the sbin/my_init PID to kill  
							
							... 
							
							
							
							We changed the entry point in Quay to be a shell script that calls `my_init`, which means the init no longer has PID 1. We therefore need to look up the correct PID to kill it.
Fixes https://jira.coreos.com/browse/QS-74  
							
						 
						
							2017-12-01 14:04:43 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								2ced523313 
								
							 
						 
						
							
							
								
								Add Explore tab and query-less searching  
							
							... 
							
							
							
							Allows for exploration of all visible repositories, in paginated form.
This change also fixes the layout of the header on different viewport sizes to be consistently a single line in height.
Fixes https://jira.coreos.com/browse/QS-63  
							
						 
						
							2017-11-28 16:50:23 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								9b2fb46e34 
								
							 
						 
						
							
							
								
								Move recaptcha check after the username check  
							
							... 
							
							
							
							Ensures that if someone chooses an existing username, they don't need to re-recaptcha
Fixes https://jira.coreos.com/browse/QS-65  
							
						 
						
							2017-11-27 16:59:42 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								1b6ecb6c1c 
								
							 
						 
						
							
							
								
								Fix bug in listing owned tags  
							
							... 
							
							
							
							We were indexing into a map using the docker_image_id, but the ancestors use the *image id*. Also cleans up the code and adds some tests.
Fixes https://jira.prod.coreos.systems/browse/QS-55  
							
						 
						
							2017-11-09 16:21:40 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								2ce4e49711 
								
							 
						 
						
							
							
								
								Build job does not have a request context when calling get_file_url  
							
							... 
							
							
							
							We therefore need to specify some sort of IP or get_file_url will attempt to get it from context 
							
						 
						
							2017-10-06 12:57:02 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								3bef21253d 
								
							 
						 
						
							
							
								
								Merge pull request  #2695  from coreos-inc/oidc-internal-auth  
							
							... 
							
							
							
							OIDC internal auth support 
							
						 
						
							2017-10-02 16:51:17 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								82ff85b125 
								
							 
						 
						
							
							
								
								Add ability for users to change their name and company information  
							
							
							
						 
						
							2017-09-26 16:58:04 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								804d3c46c3 
								
							 
						 
						
							
							
								
								Add feature flag to allow users to be created only if invited to join a team  
							
							... 
							
							
							
							Allows for open user creation, but only if extended an invitation by someone who already has access 
							
						 
						
							2017-09-14 16:28:39 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								c6aad5fef0 
								
							 
						 
						
							
							
								
								Add option to disable partial autocompletion of users  
							
							
							
						 
						
							2017-09-12 15:55:37 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								adc70d2fe2 
								
							 
						 
						
							
							
								
								Add alias for callback path  
							
							
							
						 
						
							2017-09-12 12:26:42 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Evan Cordell 
								
							 
						 
						
							
							
							
							
								
							
							
								1d246784dd 
								
							 
						 
						
							
							
								
								Include invalid oidc token in the error message for debugging  
							
							
							
						 
						
							2017-09-12 12:26:42 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								e724125459 
								
							 
						 
						
							
							
								
								Add support for using OIDC tokens via the Docker CLI  
							
							
							
						 
						
							2017-09-12 12:23:22 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								e0820c6be5 
								
							 
						 
						
							
							
								
								Remove encoding of credentials in build trigger web hook  
							
							... 
							
							
							
							This now breaks BitBucket 
							
						 
						
							2017-09-07 11:27:02 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								2fdc1be94b 
								
							 
						 
						
							
							
								
								Remove duplicate orgs when using public namespaces  
							
							... 
							
							
							
							Fixes https://coreosdev.atlassian.net/browse/QUAY-770  
							
						 
						
							2017-08-24 14:13:26 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								46e1bd9c75 
								
							 
						 
						
							
							
								
								Merge pull request  #2850  from coreos-inc/jpmc-features  
							
							... 
							
							
							
							Features for JPMC 
							
						 
						
							2017-08-16 14:29:00 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								854155fe82 
								
							 
						 
						
							
							
								
								Fix missing to_dict and import in robots model  
							
							... 
							
							
							
							Also adds a test to catch this issue 
							
						 
						
							2017-08-09 20:33:14 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								2184721d28 
								
							 
						 
						
							
							
								
								Fix recursion error in images API  
							
							... 
							
							
							
							We only need parents for the root set of images 
							
						 
						
							2017-08-09 13:27:54 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Evan Cordell 
								
							 
						 
						
							
							
							
							
								
							
							
								cac0457540 
								
							 
						 
						
							
							
								
								fix misnamed key in permissions api  
							
							
							
						 
						
							2017-08-09 08:37:59 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								650dbe5f5b 
								
							 
						 
						
							
							
								
								Add config to enable "public" namespaces  
							
							... 
							
							
							
							These are namespaces that will be displayed in the repo list view, regardless of whether the user is a member. 
							
						 
						
							2017-08-07 15:59:06 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								dff4207a89 
								
							 
						 
						
							
							
								
								Add feature flag to enable viewing builds and build logs for public repos  
							
							
							
						 
						
							2017-08-07 15:24:36 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Charlton Austin 
								
							 
						 
						
							
							
							
							
								
							
							
								0359ac8753 
								
							 
						 
						
							
							
								
								Merge pull request  #2848  from charltonaustin/fix_bug_robot_stuffs  
							
							... 
							
							
							
							fix(endpoints/api/robot.py): fix misnamed attribute 
							
						 
						
							2017-08-01 15:05:43 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Charlton Austin 
								
							 
						 
						
							
							
							
							
								
							
							
								36e58e3bd0 
								
							 
						 
						
							
							
								
								fix(endpoints/api/robot.py): fix missnamed attribute  
							
							... 
							
							
							
							Issue:NA
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format 
							
						 
						
							2017-08-01 14:43:20 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Charlton Austin 
								
							 
						 
						
							
							
							
							
								
							
							
								524af4331d 
								
							 
						 
						
							
							
								
								Merge pull request  #2847  from charltonaustin/fix_bug_superuser_panel  
							
							... 
							
							
							
							fix(superuser_models_pre_oci): have None for approver 
							
						 
						
							2017-08-01 13:37:50 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								83e9dfac7a 
								
							 
						 
						
							
							
								
								Merge pull request  #2817  from coreos-inc/joseph.schorr/QUAY-688/dex-fixes  
							
							... 
							
							
							
							Dex Fixes 
							
						 
						
							2017-08-01 13:26:50 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Charlton Austin 
								
							 
						 
						
							
							
							
							
								
							
							
								f05e684b31 
								
							 
						 
						
							
							
								
								fix(superuser_models_pre_oci): have None for approver  
							
							... 
							
							
							
							### Description of Changes
this fixes a null pointer exception
Issue: https://coreosdev.atlassian.net/browse/QUAY-fix_bug_superuser_panel 
## Reviewer Checklist
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format 
							
						 
						
							2017-08-01 13:09:41 -04:00